Luka Treiber

1 exploit Active since Aug 2008
CVE-2008-3790 EXPLOITDB ruby WORKING POC
Ruby 1.8.6-1.8.6-p287, 1.8.7-1.8.7-p72, 1.9 - Denial of Service via XML Entity Expansion
The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."